|
In
the era of IT technology development, globalization and organization
consolidation, information has become the most significant aspect of
running a
business. There is no organization which has not suffered
crucial information losses and its consequences. However,
only a limited number of organizations seems to be aware how
significant data
stored by them is, and takes actions to prevent any possible losses.
Some other
focus only on the protection of electronic data and at the same time
forget
that it is also likely to suffer loss of data in paper form.
Organizations which consider designing a uniform information security
management system begin with drawing up Information Security Policy
(ISP). This
document clearly states the responsibilities, scope of activities and
information security supervision in an organization.
Offered services:
- classifying all information processed by an organization
- performing comprehensive risk assessment which includes assessing:
any threats connected to it technology, human resources, force majuere
- drawing up a information security policy document in which the
unique character of an organization, its needs as far as information
security is concerned, as well as legal requirements and corporate
standards are taken into account
- integrating ISP with the general security policy of an organization
(integration with operational, financial and branch risk mechanisms)
- supervising ISP implementation
- determining a strategy for information security management system
development
|
